安全数据库数据层推理泄漏检测方法

Approach to Inference Disclosure Detection in Secure Databases

下载PDF

导出

摘要普通权限用户通过查询并结合数据库的其他知识,绕过安全机制,进行间接推理获取非授权信息,从而造成安全数据库敏感信息的推理泄漏。针对这一问题,提出了一种数据层的推理泄漏检测方法。该方法在形式化描述的基础上,根据数据库的约束规则和用户查询数据,基于逻辑推理实现了推理泄漏的检测。理论分析和测试结果表明该方法能够全面、有效地获取用户查询结果中实际蕴含规则,运用这些规则,可以使推理检测的正确率达到81.3%。 The problem of inference disclosure in secure databases that occurs when a generic user circles security mechanism and obtains sensitive data in the database combining the acquired data and application knowledge of the database. To resolve the problem, an approach to inference disclosure detection at data level was proposed. The approach was expressed in form of formal system and detected inference disclosure with logic-based techniques based on database constraints and data user acquired. It is proved theoretically and showed by testing result that the approach can obtain material implications from the acquired data completely and effectively, and its correctness rate of detection can get up to 81.3% with those material implications.

作者张增军戴江山肖军模

机构地区解放军理工大学通信工程学院

出处《吉林大学学报（信息科学版）》 CAS 2005年第3期294-298,共5页 Journal of Jilin University（Information Science Edition）

基金国家自然科学基金资助项目(69931040) 江苏省自然科学基金资助项目(BK2004015)

关键词形式系统安全数据库推理泄漏实际蕴含 formal system secure database inference disclosure material implication

分类号 TP309 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献9

1CSILLA FARKAS, SUSHIL JAJODIA. The Inference Problem: A Survey [J]. ACM SIGKDD Explorations Special Issue on Privacy and Security,2002, 4(2) :6-11.
2XIAOLEI QIAN, TERESA F LUNT. A Semantic Framework of the Multilevel Secure Relational Model [J]. IEEE Trans on Knowledge and Data Engineering, 1997, 9 (2) :292-301.
3ALEXANDER BRODSKY, CSILLA FARKAS, SUSHIL JAJODIA. Secure Databases: Constraints, Inference Channels and Monitoring Disclosures[J]. IEEE Trans on Knowledge and Data Engineering, 2000, 12 (6) :900-919.
4RAYMOND W YIP, KARL N LEVITT. Data Level Inference Detection in Database System[A]. Proc of llth IEEE Computer Security Foundation Workshop[C]. Rockport, MA. USA: IEEE Computer Society Press, 1998:179-189.
5吴恒山,佘志东,朱虹.函数依赖推理控制的方法[J].计算机工程与应用,2003,39(24):184-186. 被引量：2
6毛奇正,柏文阳,刘奇志.元数据相关推理研究[J].计算机科学,2004,31(11):86-88. 被引量：2
7DONALD G MARKS.Inference in MLS Database Systems[J]. IEEE Trans on Knowledge and Data Eng,1996,8(1):46-55.
8张增军肖军模.一种数据库安全网关系统的研究与设计[J].计算机科学,2004,31(1):107-109.
9THOMAS H HINKE,HARRY S DELUGACH,RANDALL P WOLF.Genie:A Database Generator for Testing Inference Detection Tools[EB/OL].http://www.cs.uah.edu/tech-reports/TR-UAH-CS-1995-02.pdf,2004-03.

二级参考文献12

1J K Millen.Level adjustment for secure functional dependencies[C]. In :Proceedings of Fourth Rome Laboratory Workshop on Database Security(in preparation), 1992.
2Mark E Stickel.Elimination of Inference Channel by Optimal Upgrading[C].In:Proceeding of the 1994 IEEE Computer Society Symposium on Research in Security and Privacy, 1994.
3T Su ,G Ozsoyoglu.Controlling FD and MVD inferences in multilevel relational database system[J].IEEE Transactions on Knowledge and Data Engineering, 1991 ;3(4) :474-485.
4Denning D E,et al. Views for Multilevel Database Security. IEEE Transactions on Software Engineering, 1987,13 (2): 129-140
5Denning D E.A Preliminary Note on the Inference Problem in Multilevel Database Management Systems. In:Proc. of the National Computer Security Center Invitational Workshop on Database Security,June 1986
6Stickel X,et al. Detection and Elimination of Inference Channels in Multilevel Relational Database Systems. In: Proc. 1993 IEEE Symposium on Security and Privacy, 1993
7D G. Inference in MLS Database Systems. IEEE Trans. on Knowledge and Data Engineering, 1996,8(1)
8Su T. Inferences in Database: [Ph. D. Dissertation]. Department of Computer
9Su T,Ozsoyogiu G. Data Dependencies and Inference Control in Multilevel Relational Database Systems. In: Proc. of the IEEE Symposium onSecurity and Privacy, 1987. 202-211
10Su T,Ozsoyoglu G. Multivalued Dependency Inferences in Multilevel Relational Database Systems. In :Database Security Ⅲ: Status and Prospects, eds. D. L. Spooner and C. Landwehr, pp.NorthHolland, Amsterdam, 1990. 293～300

共引文献2

1谭小野,程胜,车玫.一种基于标记的动态推理控制方法[J].电子技术应用,2006,32(5):51-53. 被引量：1
2蔡伟珊,陈启买,刘海.QCS:一种OLAP预防多维推理方法的研究[J].计算机科学,2012,39(8):178-181. 被引量：1

1张增军,李向阳,肖军模.基于粗糙集理论的数据库推理控制[J].电子科技大学学报,2007,36(3):528-530. 被引量：1
2田学艳.浅谈中职计算机教学中存在的问题与对策[J].电子世界,2014(8):295-296. 被引量：1
3胡蓉,赵斌,刘勇.基于KM的电子政务系统设计与实现[J].微计算机信息,2006(01X):164-166. 被引量：7
4井绪华.论高职教育中计算机基础教学的改革[J].黑龙江科技信息,2010(10):152-152. 被引量：3
5孔凡天,陈幼平,谢经明,张冈,周祖德.基于多传感器信息融合的分布式气体检测系统[J].计算机测量与控制,2006,14(4):421-424. 被引量：18
6系统门诊[J].电脑爱好者（普及版）,2007,0(10):94-94.
7Windows XP 提高管理员的冲浪安全性[J].新电脑,2008(2):127-128.
8肖军模.重视信息系统安全理论的研究与应用[J].中国数据通信,2005,7(5):5-9. 被引量：1
9杨振宇.让课堂成为学生展示自我的舞台——浅谈信息技术教学的着力点[J].中国信息技术教育,2010(24):28-28.
10朱小栋,黄志球,沈国华.基于描述逻辑的数据挖掘元数据的一致性检验[J].小型微型计算机系统,2009,30(2):266-270. 被引量：2

吉林大学学报（信息科学版）

2005年第3期

浏览历史

内容加载中请稍等...

安全数据库数据层推理泄漏检测方法

参考文献9

二级参考文献12

共引文献2

相关作者

相关机构

相关主题

浏览历史